Senior Manager, Information Security Office (ISO) Consultant

About The Position

Requirements

• High School Diploma, GED or equivalent certification
• At least 6 years of experience working in cybersecurity or information technology
• At least 5 years of experience providing guidance and oversight of cyber security concepts
• At least 5 years of experience performing cyber security risk assessments or cyber security architecture reviews
• At least 4 years in securing a public cloud environment
• At least 3 years of experience with API security, observability, cloud access control and privacy best practices

Nice To Haves

• Bachelor's Degree
• 7+ years of experience in securing a public cloud environment (AWS, GCP, Azure)
• 6+ years of cyber security advisory and technology consulting experience.
• 5+ years of experience performing security cybersecurity assessments for enterprise AI and ML platforms
• 5+ years of experience with industry security frameworks such as NIST AI RMF, OWAPS, MITRE ATLAS, ISO 27001, PCI DSS and GDPR
• Knowledge of networking protocols such as HTTP, DNS and TCP/IP
• Knowledge of Agentic AI systems, workflows, MCP and A2A
• Professional certifications AWS Certified Solutions Architect and Certified Information Systems Security Professional (CISSP)

Responsibilities

• Lead the development of secure, enterprise grade AI/ML and agentic AI solutions
• Establish Ai-First SDLC practices and build scalable platforms
• Design and implement security controls for AI/ML systems, including LLM applications
• Conduct threat modeling, risk assessments and security reviews using frameworks such as NIST AI RMF, OWASP, and MITRE ATLAS
• Define and enforce AI Model guardrails, safety standards, and governance policies
• Identify and mitigate risk in open -source AI ML models
• Build and scale processes for AI security testing, monitoring and stress validation
• Partner with engineering, research, and security teams to deliver secure and compliant AI solutions
• Advise senior leadership on AI cybersecurity risks, strategy, and regulatory considerations
• Drive continuous improvement through vulnerability assessments, risk remediation, and security innovation

Benefits

• Capital One offers a comprehensive, competitive, and inclusive set of health, financial and other benefits that support your total well-being.
• Learn more at the Capital One Careers website .
• Eligibility varies based on full or part-time status, exempt or non-exempt status, and management level.
• This role is also eligible to earn performance based incentive compensation, which may include cash bonus(es) and/or long term incentives (LTI).